My apologies for the late reply...
Tom Lane wrote:
<[EMAIL PROTECTED]> writes:
I'd like to see a new variant on PQexec():
PGresult * PQexecf(PGconn *conn, const char *fmt, ...);
Way too late for 8.3 --- if we were going to do something like this,
we should think first and program later. In particular, blindly
adopting the sprintf format string definition doesn't seem very helpful.
The sorts of escapes I'd want to have are "properly quoted SQL
identifier", "properly quoted SQL literal", etc. A large fraction of
what sprintf knows about is more or less irrelevant to the task of
creating SQL commands.
The advantage of using stock sprintf commands is that most compilers
understand them these days, and can check that the arguments given match
the format string. If you go with your own format specifiers, this is
no longer true.
Brian
